Filtered by vendor Netapp
Subscriptions
Total
2370 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9354 | 1 Netapp | 1 Oncommand Balance | 2024-11-21 | N/A |
| NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage. | ||||
| CVE-2014-9353 | 1 Netapp | 1 Oncommand Balance | 2024-11-21 | N/A |
| NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors. | ||||
| CVE-2013-3322 | 1 Netapp | 1 Oncommand System Manager | 2024-11-21 | 7.2 High |
| NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface. | ||||
| CVE-2013-3321 | 1 Netapp | 1 Oncommand System Manager | 2024-11-21 | 7.5 High |
| NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter. | ||||
| CVE-2013-3320 | 1 Netapp | 1 Oncommand System Manager | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields. | ||||
| CVE-2010-5312 | 7 Apache, Debian, Drupal and 4 more | 7 Drill, Debian Linux, Drupal and 4 more | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option. | ||||
| CVE-2009-5155 | 2 Gnu, Netapp | 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2024-11-21 | N/A |
| In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | ||||
| CVE-2008-3349 | 2 Ibm, Netapp | 3 N Series Storage Server, Data Ontap, Fas900 | 2024-11-21 | N/A |
| Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160. | ||||
| CVE-2007-2768 | 2 Netapp, Openbsd | 5 Hci Management Node, Hci Storage Node, Solidfire and 2 more | 2024-11-21 | N/A |
| OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243. | ||||
| CVE-2007-2379 | 2 Jquery, Netapp | 2 Jquery, Snapcenter | 2024-11-21 | N/A |
| The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking." | ||||